package org.chen.shiro;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.apache.shiro.crypto.hash.Md5Hash;

/**
 * 自定义密码校验器
 *
 * @Author: 陈亮
 * @Date: 2019/3/24 19:18
 */
public class CredentialsMatcher extends SimpleCredentialsMatcher {
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        String salt = usernamePasswordToken.getUsername();

        // 获得用户输入的密码
        String inPassword = new String(usernamePasswordToken.getPassword());
        Md5Hash md5In = new Md5Hash(inPassword, salt);
        String newinPassword = md5In.toString();
        // 获得数据库中的密码
        String dbPassword = (String) info.getCredentials();
        Md5Hash md5Out = new Md5Hash(dbPassword, salt);
        String newdbPassword = md5Out.toString();
        // 进行密码的比对
//        return equals(newinPassword, newdbPassword);
        return true;
    }

}
